- From: Deirdre Mulligan <deirdre@cdt.org>
- Date: Fri, 10 Oct 1997 17:58:38 -0400
- To: http-state@lists.research.bell-labs.com, cuckoo.hpl.hp.com@http-wg.uucp
Dave -- I think this is an excellent idea. Policy makers, users, and
advocates alike have been concerned with the privacy implications of
cookies. The lack of a clear discussion that those outside the technical
community can follow has produced confusion, some misinformation, in
addition to legitimate concern. I don't know if what you have in mind
would fill this role, but I do believe a clear discussion of the privacy
implications is important. Thanks.
>Things have been very quiet on the cookie front. I have been busy with
>other projects, but I am now able to return to the fray.
>
>At issue is how to make progress on a successor to RFC 2109. One
>proposal is to split draft-ietf-http-state-man-mec-03 into two pieces:
>
>1) a description of the wire protocol; and
>2) a description of the privacy considerations of cookies.
>
>The second document would comprise approximately these sections of
>state-man-mec-03:
> - 4.3.5 Sending Cookies in Unverifiable Transactions
> - 7 Privacy
>
>The groundrules would be that each of the two documents could/should be
>discussed separately, but that the IESG would not allow either to
>become an RFC until agreement had been reached on both.
>
>I'm soliciting discussion of this approach before I invest the time
>to split the document in two. What do you think of this approach?
>
>Dave Kristol
\|/
(@ @)
--------oOOo-(_)-oOOo-----------
Deirdre Mulligan Someone may be watching you online
Staff Counsel Check out: http://www.cdt.org/privacy/
Center for Democracy and Technology
1634 Eye Street, NW
11th Floor
Washington, DC 20006
(v) +1.202.637.9800
(f) +1.202.637.0968
http://www.cdt.org/
Received on Friday, 10 October 1997 22:00:46 UTC